Sunday, June 29, 2014

REST web service is stateless. We need to transfer the state between calls. Hence, we couldn't store state of an entity on server side using sessions. Rather, we need to store the state on application level.

as it is stateless, we need to pass parameters in our requests to server and process it accordingly. User authentication/authorization is done with sessions. For authentication, we can use HTTP Basic authentication and HTTP Digest authentication. Also, there is token based authentication.